From ef94e5519a9b2c623559014487800b5ff6fba769 Mon Sep 17 00:00:00 2001 From: richard Date: Mon, 13 Apr 2026 22:20:35 -0400 Subject: [PATCH] create acme-dns deployment --- .../prod.k3s/tasks/deployments/acme-dns.yaml | 3 ++ .../prod.k3s/templates/acme-dns/ingress.yaml | 29 +++++++++++++++++++ .../templates/acme-dns/service-dns.yaml | 17 +++++++++++ .../prod.k3s/templates/acme-dns/service.yaml | 13 +++++++++ 4 files changed, 62 insertions(+) create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/ingress.yaml create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/service-dns.yaml create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/service.yaml diff --git a/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml b/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml index 1d31ac4..59614f7 100644 --- a/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml +++ b/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml @@ -21,4 +21,7 @@ - acme-dns/pv-data.yaml - acme-dns/pv-config-claim.yaml - acme-dns/pv-data-claim.yaml + - acme-dns/service.yaml + - acme-dns/service-dns.yaml + - acme-dns/ingress.yaml become: true diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/ingress.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/ingress.yaml new file mode 100644 index 0000000..a922101 --- /dev/null +++ b/ansible-5/roles/prod.k3s/templates/acme-dns/ingress.yaml @@ -0,0 +1,29 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: acme-dns + namespace: "{{apps.acme_dns.namespace}}" + annotations: + kubernetes.io/ingress.class: "traefik" +# traefik.ingress.kubernetes.io/router.entrypoints: websecure +# traefik.ingress.kubernetes.io/router.tls: "true" +# cert-manager.io/cluster-issuer: letsencrypt-production + +spec: + rules: + - host: dns-api.xai-corp.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: dns-api + port: + number: 80 + +# tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames +# - secretName: xai-corp-production-tls-ap1 +# hosts: +# - dns-api.xai-corp.net diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/service-dns.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/service-dns.yaml new file mode 100644 index 0000000..ca416aa --- /dev/null +++ b/ansible-5/roles/prod.k3s/templates/acme-dns/service-dns.yaml @@ -0,0 +1,17 @@ +--- + +apiVersion: v1 +kind: Service +metadata: + name: acme-dns-dns + namespace: "{{apps.acme_dns.namespace}}" +spec: +# allocateLoadBalancerNodePorts: true +# clusterIP: None + type: LoadBalancer + selector: + app: acme-dns + ports: + - port: 10053 + targetPort: 53 + protocol: TCP diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/service.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/service.yaml new file mode 100644 index 0000000..0fc1f97 --- /dev/null +++ b/ansible-5/roles/prod.k3s/templates/acme-dns/service.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: acme-dns-api + namespace: "{{apps.acme_dns.namespace}}" +spec: + selector: + app: acme-dns + ports: + - port: 80 + targetPort: 80 +